LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-22-2011, 06:50 AM   #1
Arlc
LQ Newbie
 
Registered: Jul 2011
Posts: 2

Rep: Reputation: Disabled
SSH to Amazon EC2


I am wondering if anyone has any experience with SSHing to Amazon's EC2 site. Has anybody used this site and have any opinions on the reliability, security and real world usefulness of this site for running a cloud?

SSH] Server Version OpenSSH_5.3
[SSH] FAIL: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).


[SSH] INFO: DISCONNECT

I get the above when I try to ZOC to an EC2 instance. I generated the key pair when the instance was created and appears to be a valid key. I am trying to do this from a windows7 box. I also tried using puTTY and got a similar result. Using puTTY Amazon says you have to convert .pem --> .ppk using puTTYgen and save the new resulting private key and use this not the .pem file for initiating the SSH session.

From puTTY
Server refused our key
Access denied.

No supported authentication method available(server sent:
publickey.gssapi-with-mic)

Any help or information on Amazon EC2 appreciated. Thanks
 
Old 07-22-2011, 04:42 PM   #2
hyperhead
Member
 
Registered: Mar 2011
Location: UK
Distribution: Slackware-14.2
Posts: 117

Rep: Reputation: 19
Worked fine for me in XP when I converted my private key pem. Did you File > Save Private key in Putty, then use that in SSH > Auth > Authentication parameters > Private key file for Authentication?

I use Amazon EC2 CentOS Micro instance for running irssi and use keys to ssh back to my Linux machine to enable notify-send. That way I can always be on IRC 24/7 whatever PC / phone I am on.

Last edited by hyperhead; 07-22-2011 at 04:53 PM.
 
Old 07-22-2011, 05:47 PM   #3
Arlc
LQ Newbie
 
Registered: Jul 2011
Posts: 2

Original Poster
Rep: Reputation: Disabled
ssh to ec2

Yes, did that. That's why I tried ZOC because I thought the problem might have been the .pem ---> .ppk conversion.
I'm thinking now that the machine image I created, a 64 bit Red hat version may not be configured with the ssl libraries in it. Where do you find the index of what capabilities, libraries and includes are in an image?
There must a keycode to decipher the image names somewhere.
Thinking about blowing this image away and loading an ubuntu image, but I want to decipher the image name thing first.
 
Old 07-22-2011, 07:41 PM   #4
sneakyimp
Senior Member
 
Registered: Dec 2004
Posts: 1,056

Rep: Reputation: 78
I've been using EC2 for a couple of projects now and I'm able to login via ssh to my Ubuntu compute instances just fine via key authentication from Mac/Windows/Ubuntu. There are a few things to remember:
* VERY IMPORTANT: set up your Amazon Security Groups to permit inbound SSH connects on port 22. If you forget this step, the default configuration is to block all inbound connections.
* For an ubuntu image, you log in as user "ubuntu" using the certificate. If you try to login as root, you get a message instructing you to login as ubuntu instead.
* Remember to specify your private key when you try to ssh in. On windows, when using puTTY, you have to get puttyGen and convert the PEM file to the PPK format. I would encourage you to revisit this step, make sure you are using the private key, not the public one, and make sure you are exporting the right type of file to the right place and also remembering to browse for this file in puTTY when setting up your connection.
* As for Red Hat images, MAKE SURE YOU USE AN OFFICIAL IMAGE. If you are just grabbing one out of the community AMIs you have no idea if the machine might be compromised or not. Red Hat made an announcement some time ago about there official cloud offerings.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Cloud Computing and OpenNebula and Amazon EC2 chall26 Linux - Newbie 0 05-16-2011 12:29 AM
Clustering mail servers (CentOS/Amazon EC2) samarudge Linux - Server 2 02-26-2011 02:28 AM
Amazon EC2 + EBS security david19801 Linux - Security 1 01-10-2011 07:08 PM
Amazon EC2 + EBS security server david19801 Linux - Server 1 01-10-2011 06:03 PM
How to built an amazon ec2 slackware AMI from scratch fietske Slackware 0 01-18-2010 04:55 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:58 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration